As we approach the holiday season, the FTC reports the launch of the public comment portal for its proposed rule on junk fees, a request for information on cloud computing, and a public challenge seeking innovative ideas for addressing voice cloning. The Bureau of Consumer Protection announced that it issued warning letters to health influencers for failing to disclose material connections, and that it proposed a settlement order with a communications company for failing to protect sensitive consumer data. All this and more, after the jump.

Monday, November 13, 2023

Bureau of Consumer Protection: Advertising and Marketing; Junk Fees   

  • The FTC announced that it is seeking public comment on its proposed Rule on Unfair or Deceptive Fees. The proposed rule was drafted in part as a response to the overwhelming amount of consumer input about the ways such fees impact consumer spending. The FTC welcomes all stakeholders to share their perspectives on how the FTC plans to address such fees.

Wednesday, November 15, 2023

Bureau of Consumer Protection: Advertising and Marketing; Endorsements, Influencers, and Reviews

  • FTC staff issued warning letters to a dozen dieticians and online health influencers and two trade associations, highlighting concerns that the association might have violated the FTC Act by failing to adequately disclose that influencers who promoted the safety of aspartame on TikTok and Instagram were hired by the Association to promote that message. The letter noted that in the FTC Endorsement Guides, there is a fundamental principle that the identity of the speaker, “and on whose behalf they’re speaking,” is “highly material” information for consumers. The letter urges health influencers to review their social media posts to ensure compliance, and warns that “violations of the FTC Act may result in legal action seeking a federal district court injunction or an administrative cease and desist order.” The letter recipients received 15 business days to respond to agency Staff’s stated concerns, and were warned that engaging in violative conduct could result in “civil penalties of up to $50,120 per violation.”

Thursday, November 16, 2023

Bureau of Consumer Protection; Bureau of Competition; Office of Technology: Cloud Computing; Big Data; Human Computer Interaction

  • The FTC reports that Cloud Computing has blossomed into a $576 billion industry in the almost twenty years since it emerged. The FTC released a Request for Information (RFI) and hosted a public panel, to better understand the contours of cloud computing and its interplay with competition, single points of failure, security, and AI. In response to the 102 comments submitted from various stakeholder groups, the FTC generated four forward-looking questions: A) Are there signs that cloud markets are functioning less than fully competitively, and that certain business practices are inhibiting competition?; B) Are cloud providers incentivized enough by competition to create systems that are sufficiently secure?;  C) Will competition alone create resilient systems, or is government intervention needed to avoid single points of failure?; and D) How will cloud providers respond to a limited supply of specialized AI chips?

Bureau of Consumer Protection; Office of Technology: Artificial Intelligence; Human-Computer Interaction; Big Data; Data Security

  • On November 16, the FTC announced its Voice Cloning Challenge to encourage the submission of viable ideas towards addressing the risks and harms of voice cloning technologies. The FTC notes that while voice cloning possesses great societal value, including allowing those who lost their voices to speak as themselves again, it also possesses great societal risk, including the appropriation of voices, and other fraudulent practices. To address these risks, the FTC requests administrable and resilient ideas that mitigate the burden placed on consumers and increases the responsibility and liability of companies. The FTC launched the Challenge on November 17th, offering a top prize of $25,000 to prospective participants. The challenge broadly seeks innovative ideas on various intervention points including: prevention or authentication, election and monitoring, and evaluation resources.

Bureau of Consumer Protection: Consumer Privacy; Data Security

  • The FTC announced a proposed settlement with Global Tel*Link, one of the country’s largest providers of communication services for jails and prisons. The complaint alleges that GTL left the data of hundreds of thousands of people who used GTL’s products unprotected and accessible on the Internet. This data included personally identifiable information (“PII”) such as names, contact information, Social Security numbers, and financial information. The data breach occurred when GTL allegedly moved a database to a test environment in the cloud where it was left unencrypted. The FTC complaint reports that at least eight months elapsed during which GTL and its subsidiaries “failed to contact affected consumers.” To settle these allegations, GTL agreed to implement  a comprehensive information security program, provide credit and identity monitoring to consumers not previously notified, and notify affected consumers. For the first time in an FTC order, the settlement requires GTL to notify the FTC and affected consumers about future data breaches.